Monthly Archives: September 2020

Current Activity

Adobe Releases Security Update for Media Encoder

Original release date: September 16, 2020Adobe has released a security update to address vulnerabilities in Media Encoder. An attacker could exploit these vulnerabilities to obtain sensitive information. The Cybersecurity and…

Comments Off on Adobe Releases Security Update for Media Encoder
September 16, 2020
Alerts

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities
September 15, 2020
Analysis Reports

AR20-259A: MAR-10297887-1.v1 – Iranian Web Shells

Original release date: September 15, 2020Description Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any…

Comments Off on AR20-259A: MAR-10297887-1.v1 – Iranian Web Shells
September 15, 2020
Current Activity

Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020The Cybersecurity Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory on an Iran-based malicious…

Comments Off on Iran-Based Threat Actor Exploits VPN Vulnerabilities
September 15, 2020
Bulletins

Vulnerability Summary for the Week of September 7, 2020

Original release date: September 14, 2020  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info cisco -- fxos A vulnerability in Cisco FXOS Software could…

Comments Off on Vulnerability Summary for the Week of September 7, 2020
September 15, 2020
Current Activity

Exploit for Netlogon Remote Protocol Vulnerability, CVE-2020-1472

Original release date: September 14, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of publicly available exploit code for CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. Although…

Comments Off on Exploit for Netlogon Remote Protocol Vulnerability, CVE-2020-1472
September 14, 2020
Alerts

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and…

Comments Off on AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
September 14, 2020
Current Activity

CISA Insights: Email-Based Attacks on Elections-Related Entities

Original release date: September 10, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released CISA Insights: Actions to Counter Email-Based Attacks on Elections-Related Entities in light of increased sophisticated phishing…

Comments Off on CISA Insights: Email-Based Attacks on Elections-Related Entities
September 10, 2020
Current Activity

ACSC Releases Annual Cyber Threat Report for 2019–2020

Original release date: September 10, 2020The Australian Cyber Security Centre (ACSC) has released its annual report on key cyber threats and statistics from 2019–2020. The report highlights that phishing and…

Comments Off on ACSC Releases Annual Cyber Threat Report for 2019–2020
September 10, 2020